Well-Architected Bootcamp

1© 2018 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Welcome to the AWS
Well-Architected Bootcamp
Sam Elmalak
March 2018

What to Expect from the Session
• In this session, you will learn about:
 The AWS Well-Architected Framework (5 pillars)
 Value proposition
 General design principles
 Best practices
• Learn how to improve your cloud architectures and better
understand the business impact of your design decisions

Agenda
• Introduction to AWS Well-Architected
• Walk through an example
• Learn about each pillar, teams review and present back
• Deep dive on each pillar
• Common issues

A Mechanism for your Cloud Journey
Learn Measure Improve

Purpose of AWS Well-Architected
• Making informed decisions about architecture in the cloud,
understanding the potential impact of decisions
• Questions are the starting point, you should think actively about
“what if” and failure scenarios
• Not a binary “yes” or “no”, depends on business context

Value Proposition
• Consistent approach to reviewing architectures
• Understand and reduce risk in your architecture
• Learn best practices
• Influence future architectures

AWS Well-Architected
Framework

The AWS Well-Architected Framework
• Increases awareness of architectural best practices
• Addresses foundational areas that are often neglected
• Consistent approach to evaluating architectures
• Composed of:
 Pillars
 Design principles
 Questions

Pillars of AWS Well-Architected
Security Reliability Performance
Efficiency
Cost
Optimization
Operational
Excellence

Architecting for Runtime
• Run time is more important than design time
• Team ready is more important than system ready
• Architecting for runtime:
• Runtime features in napkin designs
• Team & Processes upfront
• Operations code: management plane of product
• Decide the tradeoffs across pillars
• Operational Excellence comes first

Design Principles
The Well-Architected Framework has identified a set of
design principles to facilitate good design in the cloud:
• General design principles
• Pillar-specific design principles
Enable traceability: Log and audit all actions and changes
to your environment. Automatically respond and take
action

General Design Principles
Stop guessing your capacity needs
Test systems at production scale
Automate to make architectural experimentation easier
Allow for evolutionary architectures
Data-driven architectures
Improve through game days

Questions
Pillar Area
Question Text
Question Context
Best Practices

Example Walkthrough

Example: Introduction to the Company
• Mappahood Corporation
• Founded in 2008 by Ivor Terrene
• Selling 3D Printed Cityscapes (B2B/B2C)
• About to apply for investment
• Have asked you to perform a review
of their platform as part of their due diligence
• Cloud native
“Cityscapes you can stand over”

Mappahood Corporation: “Cityscapes you can stand over”

Introduction to the Company “Cityscapes you can stand over”
The company has three main departments:
• Fly & Snap: image acquisition, preprocessing, and storage
• Show & Sell: promoting, selling, and working with customers
• Make & Ship: manufacture of products and delivery
Their architecture reflects Conway’s law:
“organizations which design systems ... are constrained to produce designs which
are copies of the communication structures of these organizations”
https://en.wikipedia.org/wiki/Conway's_law

Mappahood Corporation: “Cityscapes you can stand over”

• Work through the questions in the review
• Use the questions as a prompt
• In which places does this question apply?
• CURRENT STATE – what is being done now?
• FUTURE STATE – what do you think they should be
doing?
• Not an absolute right or wrong – use case specific
• It’s a guide to aid the review
• Maybe follow-up questions..

Upload: FTP Upload: SSH FTP
• Work through the questions in the review
• Use the questions as a prompt
• In which places does this question apply?
• CURRENT STATE – what is being done now?
• FUTURE STATE – what do you think they should be
doing?
• Not an absolute right or wrong – use case specific
• It’s a guide to aid the review
• Maybe follow-up questions..

Operational Excellence

Operational Excellence
The ability to run and monitor systems to deliver
business value and continually improve supporting
processes and procedures.
• Prepare
• Operate
• Evolve

Design Principles
Perform Operations with Code
Annotated Documentation
Make Frequent, Small, Reversible Changes
Refine Operations Procedures Frequently
Anticipate Failure
Learn From All Operational Failures

Key Services for Operational Excellence
Areas Key Services
Prepare
Operate
Evolve
AWS Config &
Config Rules
AWS
CloudFormation
Amazon
CloudWatch
Amazon
Elasticsearch

Review: Operational
Excellence Pillar

Breakout

Breakout Timing
• Pick team name (1 minute)
• Review 3 questions (15 minutes)
 OPS 2
 OPS 3
 OPS 5
• Agree on top change
• Select presenter
If you need help, raise your hand!

Operational Excellence: Key Issues Identified
The ability to run and monitor systems to deliver
business value and continually improve supporting
processes and procedures.
• Prepare: Provides insights into Workload behavior
• Operate: Runbooks & Playbooks
• Evolve: Root Cause Analysis Process

Security

Security
The ability to protect information, systems, and assets
while delivering business value through risk assessments
and mitigation strategies.
• Identity and access management
• Detective controls
• Infrastructure protection
• Data protection
• Incident response

Design Principles
Implement a strong identity foundation
Enable traceability
Apply security at all layers
Automate security best practices
Protect data in transit and at rest
Prepare for security events

Key Services for Security
Areas Key Services
Identity and Access
Management
Detective Controls
Infrastructure Protection
Data Protection
Incident Response
Amazon EBSAmazon S3
MFA Token
Amazon VPC
AWS CloudTrail AWS Config Amazon CloudWatch
AWS IAM
AWS IAM AWS CloudFormation
Temporary
Security Credential
Amazon
Inspector
Amazon
Macie AWS KMS
AWS
Organizations
AWS Shield AWS WAF
AWS IAM

Review: Security Pillar

Breakout

Breakout Timing
 SEC 1
 SEC 4
 SEC 12

Security: Key Issues Identified
The ability to protect information, systems, and assets
while delivering business value through risk assessments
and mitigation strategies.
• Identity and access Management: AWS IAM
• Detective controls: Logging & Monitoring, Automation
• Infrastructure protection: Security Groups
• Data protection: Data at rest and in transit
• Incident response: Clean Room

Reliability

Reliability
The ability of a system to recover from infrastructure or
service failures, dynamically acquire computing resources
to meet demand, and mitigate disruptions such as
misconfigurations or transient network issues.
• Foundations
• Change management
• Failure management

Design Principles – Reliability
Test recovery procedures
Automatically recover from failure
Scale horizontally to increase aggregate system availability
Stop guessing capacity
Manage change in automation

Key Services for Reliability
Areas Key Services
Foundations
Change management
Failure management
AWS IAM Amazon VPC
AWS CloudTrail AWS Config
AWS CloudFormation
Amazon CloudWatch
AWS Trusted Advisor AWS Shield
Amazon CloudWatch AWS Auto Scaling
Amazon S3 Amazon Glacier AWS KMS

Review: Reliability Pillar

Breakout

Breakout Timing
 REL 2
 REL 5
 REL 7

Reliability: Key Issues Identified
The ability of a system to recover from infrastructure or
service failures, dynamically acquire computing resources
to meet demand, and mitigate disruptions such as
misconfigurations or transient network issues.
• Foundations: Plan Amazon VPC
• Change management: Auto Scaling
• Failure management: Multi-AZ

Performance Efficiency

Performance Efficiency
The ability to use computing resources efficiently to meet
system requirements, and to maintain that efficiency as
demand changes and technologies evolve.
• Selection
• Review
• Monitoring
• Trade-offs

Design Principles
Democratize advanced technologies
Go global in minutes
Use serverless architectures
Experiment more often
Mechanical sympathy

Key Services for Performance Efficiency
Areas Key Services
Selection (Compute,
Storage, Database,
Network)
Review
Monitoring
Trade-offs
Amazon EBS Amazon S3 Amazon RDSAuto Scaling
Amazon
CloudFront
Amazon
DynamoDB
Amazon
CloudWatch AWS Lambda
Amazon Elasticache AWSSnowball
AWS Blog and
What’s New
Amazon CloudWatch
Amazon VPC
Amazon RDS
Amazon
Route 53
AWS Direct
Connect

Review: Performance
Efficiency Pillar

Breakout

Breakout Timing
 PERF 1
 PERF 2
 PERF 4

Performance Efficiency: Key Issues Identified
The ability to use computing resources efficiently to meet
system requirements, and to maintain that efficiency as
demand changes and technologies evolve.
• Selection: Functions instead of Instances
• Review: Newer Instance Types
• Monitor: Metrics
• Tradeoffs: Amazon CloudFront, DAX

Cost Optimization

Cost Optimization
The ability to avoid or eliminate unneeded cost or
suboptimal resources.
• Cost-effective resources
• Matched supply and demand
• Expenditure awareness
• Optimizing over time

Design Principles
Adopt a consumption model
Measure overall efficiency
Stop spending money on data center operations
Analyze and attribute expenditure
Use managed services to reduce cost of ownership

Key Services for Cost Optimization
Areas Key Services
Cost-effective resources
Matched supply and demand
Expenditure awareness
Optimizing over time
Amazon CloudWatch
AWS Auto Scaling
Amazon SNS
Reserved Instances
AWS Trusted AdvisorAWS Blog & What’s New
Cost Allocation Tags
Amazon Cost
Explorer

Review: Cost Optimization
Pillar

Breakout

Breakout Timing
 COST 1
 COST 5
 COST 6

Cost Optimization: Key Issues Identified
The ability to avoid or eliminate unneeded cost or
suboptimal resources.
• Matched supply and demand: Amazon CloudWatch
• Cost-effective resources: Upload to Amazon S3
• Expenditure awareness: Monitoring
• Optimizing over time: AWS Lambda

Review Wrap-Up

Review Wrap-Up
Review:
• Common areas identified
• Critical issues missed
Well-Architected:
• Definition
• Trade-offs
• Continuous improvement
• Guidance

Summary: Purpose of Well-Architected
• Strategies & best practices for architecting in the cloud
• Questions allow you to measure your architecture against best
practices and how to address any shortcomings
• Making informed decisions about architecture in the cloud
• Questions are the starting point
• Not a binary “yes” or “no”
• Consistency of reviews

Review Process
• You can review your own workloads (or APN partner/SA)
• Conversation, a deep dive into the architecture
• Do it multiple times in the lifecycle
• and on significant change, update the review in small parts
• Involve the right stakeholders
• Biz product owner, tech owners, operations, security
• Prioritize improvements in main backlog
• Looks for trends across your business

Available Resources
• AWS Well-Architected Framework Whitepaper
• Pillar Specific Whitepapers
• Prescriptive high-level implementation guidance
• Lens Whitepapers
• Online Training
https://aws.amazon.com/well-architected

Thank you!

Remember to complete
your evaluations!

Well-Architected Bootcamp

Well-Architected Bootcamp

Recommended

More Related Content

What's hot

What's hot(20)

Similar to Well-Architected Bootcamp

Similar to Well-Architected Bootcamp(20)

More from Amazon Web Services

More from Amazon Web Services(20)

Well-Architected Bootcamp